I'm on Debian stable, not OpenBSD, but SpamAssassin + razor + pyzor works really well. Roughly 1 spam per month, and 1-2 false positives a year. This is for an email address that has been used and openly spread widely for 25+ years.
The real work is making sure that outbound mail gets delivered, but even that is just making sure you have a clean IP and setting up reverse DNS + DMARC/SPF/DKIM...
Nice never heard of those until now. Link for anyone here cause it's kinda hard to google razor email filter for some reason. What does that setup have over amavisd?
I understand and respect this opinion, but it is clearly not true that you need "years of carefully built reputation" as per my own write up in this thread and plenty of others here and elsewhere. Still, I do respect and understand that e-mail is a particularly nasty hole to dive into with potentially serious consequences so I do not look down on those that bow out and go for alternative solutions.
I've been running a private mail server since the early 00s, spam protection has actually improved drastically in the past ten years or so. For the most parts, SPF and dkim make it very easy for servers to identify scam, for everything else rspamd and clamd seem to take care of the rest.
If you don't want to run a completely custom setup, there's projects like mailcow out there that can do the heavy lifting for you.
I really don't see a quantitative or qualitative difference between the gmail experience and mine, with the caveat that my setup doesn't label ham from other private mail servers as spam (arguably a good thing)
The big thing is that you're presumably already established, which means your IP/ASN is clean and "warm".
I self hosted for several years and gave up because even with a clean ASN, I simply wasn't sending enough emails to keep my reputation score high enough, and so deliverability into the big players (Microsoft in particular) was very spotty.
Email isn't that hard it's just laborious to administrate.
> I simply wasn't sending enough emails to keep my reputation score high enough
I’ve used a smaller hosting company for over 25 years run by a competent admin and it’s now dying a slow death I believe exactly because of this reputation problem from infrequent outbound emails from my domain.
I don’t know what to do tbh because putting my fate in big tech seems super dangerous.
Anyway, everyone is worried about spam but the real problem is sending and having people at outlook.com and gmail.com actually receive your emails!
I've long been convinced that Big Tech wants email to go away because it's neither fashionable nor particularly profitable. Gmail was famously somebody's "10% project", after all, and not a real product initiative.
Now that the era of free money appears to be over I'd not be surprised if I was reading a blog post about an "incredible journey" at Gmail within the decade.
While I think that everyone hosting their own email is the ideal, it's not really feasible on today's Internet. I content myself with fastmail. They're big enough I'm not worried about them dying any time soon.
I tried hosting my own email server again earlier in the year. I’d forgotten the process so when googling around I found numerous YouTube videos of spammers doing this themselves …
Get a clean IP and start long form email threads between this new domain and personal Gmail / outlook accounts: checking ‘this is not spam’, and coherent responses.
They also mention getting DKIm and SPF working.
The need for separate caldav , and all the major cloud providers blocking port 25 bummed me out.
Even more amusing is when half your customers are in Gmail, the other half in Exchange, and Gmail and Exchange are having some snit so the emails ain't happening. You call up Microsoft and they want you to reboot (??) or login to some windows account (??), and good luck getting someone from Google on the line. Fear not, for outsourced email saves money, and increases productivity, or anyways something like that, and if you have sufficient faith those big old corporations will fix things, eventually, maybe.
I have no explanation for it, but I also run a tiny mail server and I'm always fascinated that despite extremely low volume I still manage to get through without being flagged or blocked.
Best I can guess is that my host's netblock just happens to be sparkling clean, but it sounds like even that may not be enough anymore
Similar story here; my only guess (which I don't want to verify in case it jinxes it) is that I've been on the same name and netblock for an extremely long time (~20 years) and so I'm grandfathered in to a lot of undocumented IP rules at the big houses. Long may it continue.
You don’t have to choose between big tech and self hosting though. There’s thousands of medium sized, sustainable businesses that host your email for money and provide human support on top.
One of the good ones would be Fastmail but there’s many more.
I wonder if anyone has tried training an LLM on known spam and measured it's performance? Such an LLM would ideally be run local to the mail server for maximum privacy.
Ignoring e-mail content and throwing Naive-Bayes on the header alone is pretty much hove we got amazing spam filters about 15 years ago. All of course using a millionth or less of the resources a large language model would use.
Would love to see a robust tutorial to show us how to really do spam protection right.